Author: Admin
October 28, 2024 | The Hacker News | Operational technologies / Cyber security
Operational technology (OT) security has impacted marine vessel and port operators as both ships and industrial cranes are rapidly digitized and automated, creating new types of security challenges. Ships come to shore on average every six months. Container cranes are mostly automated. Diagnostics, maintenance, upgrades and tuning of these mission-critical systems are performed remotely, often by third-party technicians. This highlights the importance of proper secure remote access management for industrial control systems (ICS). Learn more in our Buyer’s Guide to Securely Managing the Remote Access Lifecycle. We are in SSH connection security (SSH)…
Cybersecurity researchers are warning of a surge in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services such as Cloudflare and Microsoft Sway for their benefit. “Companies targeted sensitive information from various crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials for several of the company’s webmail platforms, as well as Microsoft 365 login credentials,” Netskope Threat Labs researcher Ian Michael Alcantara said in the analysis. The cybersecurity company said it tracked a 10-fold increase in traffic to phishing pages created using Webflow between April…
October 28, 2024 | Ravi Lakshmanan | Windows Vulnerability / Security
A new attack technique can be used to bypass Microsoft Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows the loading of unsigned kernel drivers, allowing attackers to deploy custom rootkits that can override security controls, hide processes and network activity, maintain stealth, and more,” SafeBreach researcher Alon Leviev said in a report shared with The Hacker News. The latest findings build on a preliminary analysis that discovered two elevation-of-privilege flaws in the Windows update process (CVE-2024-21302 and CVE-2024-38202), which can be…
October 26, 2024 | Ravi Lakshmanan | Cybercrime / Malware
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare cases in which cybercriminals from the country have been convicted of hacking and money laundering. The Russian news publication Kommersant reported that a court in St. Petersburg found Artyom Zayts, Aleksey Malazemov, Daniil Puzyreuski and Ruslan Khansvyerov guilty of illegal circulation of means of payment. Puzyreuski and Khansvyerov were also found guilty of using and distributing malicious programs. For this, Zayts and Malazemov were sentenced to 4.5 and 5 years of imprisonment. Khansvyerov…
October 26, 2024 | Ravi Lakshmanan | Cloud Security / Cryptocurrency
The infamous cryptojacking group known as TeamTNT appears to be gearing up for a new large-scale campaign targeting cloud environments for cryptocurrency mining and leasing hacked servers to third parties. “The group is currently targeting exposed Docker daemons to deploy Sliver malware, cyberworms and cryptominers, using compromised servers and Docker Hub as infrastructure to spread their malware,” Assaf Morag, director of threat intelligence at cloud security firm Aqua, said in a report released Friday. The attack is again a testament to the persistence of the threat actor and their ability to…
October 26, 2024 | Ravi Lakshmanan | Cyber attack / Threat intelligence
Ukraine’s Computer Emergency Response Team (CERT-UA) has detailed a new malicious email campaign targeting government agencies, businesses and military structures. “Messages use the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture,” CERT-UA said. “These emails contain attachments in the form of Remote Desktop Protocol (‘.rdp’) configuration files.” Once executed, the RDP files establish a connection to a remote server, allowing threat actors to remotely access compromised nodes, steal data, and install additional malware for subsequent attacks. Infrastructure preparations for this activity are believed to have been underway…
October 25, 2024 | Ravi Lakshmanan | Wi-Fi Vulnerability / Security
A security flaw affecting the Wi-Fi Test Suite could allow unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC), which is tracking the vulnerability as CVE-2024-41992, said that the vulnerable code from the Wi-Fi Alliance was found on Arcadyan FMIMG51AX000J routers. “This flaw allows a local, unauthenticated attacker to exploit Wi-Fi Test Suite by sending specially crafted packets, allowing the execution of arbitrary commands with root privileges on affected routers,” CERT/CC said in an advisory issued Wednesday. Wi-Fi Test Suite is an integrated platform…
Watermark for text generated by LLM
Google researchers have developed a watermark for text created by an LLM. The basics are pretty obvious: the LLM chooses between tokens based in part on a cryptographic key, and someone who knows the key can detect those choices. What makes this difficult is (1) how much text is required for the watermark to work and (2) how robust the watermark is to editing after creation. Google’s version looks pretty good: it can be detected in text as short as 200 tokens.
Tags: academic works, artificial intelligence, cryptography, Google, identification, LLM
Posted on October 25,…
October 25, 2024 | Ravi Lakshmanan | Cloud Security / Artificial Intelligence
Apple has made its Private Cloud Compute (PCC) Virtual Research Environment (VRE) publicly available, allowing the research community to test and validate the privacy and security guarantees of its offering. PCC, which Apple announced earlier this June, was marketed as “the most advanced security architecture ever deployed for large-scale cloud computing.” With the new technology, the idea is to offload Apple Intelligence’s complex computing queries to the cloud in a way that doesn’t sacrifice user privacy. Apple said it invites “all security and privacy researchers—or those with an interest and technical…
October 25, 2024 | Ravi Lakshmanan | Regulatory Compliance / Data Breach
The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies with “misleading disclosures” related to the large-scale cyber attack that stemmed from the SolarWinds hack in 2020. The SEC said the companies (Avaya, Check Point, Mimecast, and Unisys) are being penalized for how they managed the disclosure process after the SolarWinds Orion software supply chain incident and downplayed the breach, thereby violating the Securities Act of 1933, the Securities Exchange Act of 1934 and related regulations thereunder. To that end, Avaya will pay a $1 million fine,…